Static task
static1
Behavioral task
behavioral1
Sample
Contract.exe
Resource
win7-20231025-en
Behavioral task
behavioral2
Sample
Contract.exe
Resource
win10v2004-20231020-en
General
-
Target
Contract.exe
-
Size
475KB
-
MD5
9176d70680c26f6ecdcaa34176e156cc
-
SHA1
921afd31d5f7acaf2308325346a705d2ca11d18e
-
SHA256
d80adfb429565563472cc6e9d4fef4b8435c2804ad977c4f4d5452cf5462cb59
-
SHA512
bbfeb4ddd91151c735a6dd9e5522f56ae0bd58fd86ae2df9fe7aa0e4ce41cbe15824beb91e6163b4aae47f8327375ea46690d6924c10f625a41cf93adf210bc9
-
SSDEEP
12288:/y8opMEnPv0OxHxsk22oAKXTYLzLFjLm5AbAJzh/j67FEoc05n1F:/FUv/xsk2pcLvFjLmxjEEn0F
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource Contract.exe
Files
-
Contract.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 469KB - Virtual size: 468KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ